package com.xiong.springsecurity.handle;

import com.xiong.springsecurity.service.impl.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * <p>
 * 权限自定义处理
 * @author XiongDa
 * @version 1.0.0
 * @since 2023/6/18 12:53
 **/
@Component
public class PermissionCustomHandler {

    public boolean hasAuthority(String authority){
        // 获取用户的所有权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();

        // 判断用户是否拥有该权限
        return permissions.contains(authority);
    }

}
